Watch Your Words: Tim Brown's Advice For CISOs
Search Security, Friday, March 27th, 2026
During RSAC 2026, Tim Brown discussed the SolarWinds breach, his SEC indictment and the critical need for communication policies.
"Anything you say can and will be used against you."
As the first CISO personally indicted in a civil lawsuit, Tim Brown knows all about how what he and his colleagues said -- be it industry language or benign jokes -- could be used against him and his company, SolarWinds.
Brown was the CISO at SolarWinds when the infamous 2020 supply chain attack occurred. Nation-state hackers had injected malicious code into SolarWinds Orion updates, enabling them to infiltrate thousands of organizations worldwide, including government agencies and private companies, and conduct cyberespionage.